Palo Alto Networks updated its Prisma Access secure access service edge (SASE) platform that targets remote worker security with several new capabilities including better protection for non-web apps and auto remediation for network problems.

As employees worked from home over the past 11 months, and as most companies expect some type of hybrid work in a post-vaccine world, SASE platforms, which combine cloud security, networking, and edge computing, have boomed.

“We have seen over 87% of the enterprises now using hybrid cloud,” Palo Alto Networks SVP and GM Anand Oswal said. “And these trends make it difficult really to secure users, applications, and data because we the attack surface has really become very, very big.”

Competitors’ SASE products, however, “really suffer from some limitations,” he added. “And the most important one is limited application coverage.”

According to the vendor’s analysis this year of more than 500 enterprise customers using Prisma Access, 53% of all remote workforce threats are for non-web apps, Oswal said. “So solutions that only provide a proxy-based approach therefor miss the majority of the enterprise remote workforce threats.”

Prisma Access 2.0 addresses this with a new cloud secure web gateway (SWG) capability. It added an explicit proxy to the Prisma Access Cloud SWG so customers can migrate from legacy proxy-based services to a more comprehensive cloud-delivered security platform without requiring any network architecture changes, Oswal said. “Prisma access can protect all the applications, all the code, all the protocols, not just web.”

In line with this platform-approach to security, Prisma Access 2.0 also includes CloudBlades, which is based on technology Palo Alto Networks acquired when it bought SD-WAN vendor CloudGenix last year. CloudBlades is a platform for third-party API integration across the SASE product. The first integrations will focus on remote browser isolation (RBI) services, but Palo Alto Networks isn’t yet disclosing the vendors’ names. “RBI is one, and there will be others in the future,” Oswal said.

Prisma Access 2.0 also added a new cloud-based management interface and autonomous digital experience management. This technology automatically remediates network problems, thus helping ensure a better experience for remote workers.

“It is really around having segment-by-segment visibility, what’s happening from user to application and troubleshooting problems with automated AI- and ML-driven remediation,” Oswal said. This technology comes from a company called Sinefa that Palo Alto Networks acquired in November.

Additionally, the new release uses in-line machine to prevent unknown, zero-day attacks in real time and analyzes massive amounts of telemetry data to make automated security policy recommendations, according to the vendor. And it adds IoT security capabilities such as support for a new health care IoT security product released last month.

Oswal said these updates, combined with Palo Alto Networks’ deep visibility across enterprises’ security landscape, push its SASE platform into the lead security spot. Prisma Access 2.0 provides 10-times more throughput than Zscaler, its closest competitor, for a faster remote access connection. It also receives 4.3 million security updates per day, which represents about 25-times more than Zscaler, the company claims. Oswal calls this “complete, best-in-class security.”